Authentication - Encryption - IT Library : ZDNet Asia

Case Studies

Vendor Webcast

Show all content

Title Date Added Company

Attestation of Identity Information 2006-11-10 14:17:30 Oracle

This Oracle white paper discusses the fundamental premise of attestation and the role of identity management in achieving cost-effective, sustainable compliance. Attestation is the requirement that management periodically certifies that only appropriate individuals have accessed sensitive information. While the cost of complying with the provisions of regulations like Sarbanes Oxley is high, the cost of non-compliance is even higher. Fortunately, today's robust identity management (IdM) solutions are reducing the overall cost of compliance providing automated processes to maintain a comprehensive audit trail of historical user privileges, including when, why, and through which systems information was accessed. Any IT decision maker who's seeking an end-to-end security solution that supports regulatory compliance will benefit from informative white paper from Oracle.

How to Gain Visibility and Control of Encrypted SSL Web Sessions 2006-04-27 07:59:09 Blue Coat Systems

SSL traffic is growing into a significant amount of enterprise network traffic. IT is unable to secure, control, or accelerate this traffic. Blue Coat's new SSL proxy removes IT's blinders, enabling organizations to establish a critical control point for policy, performance, and protection of users and applications using SSL. While enterprises should update acceptable use policies, Blue Coat's solution affords the appropriate flexibility and controls to mitigate any potential privacy concerns within the enterprise.

SSL in High-Security Browsers 2006-04-20 08:59:26 VeriSign

Declaring war on security exploits, browser providers are collaborating with industry experts to make their products more secure. A new breed of high-security browsers, including Firefox, Opera, and the upcoming Microsoft Internet Explorer 7, give users clear indications of a site's trustworthiness. With an average online order value of Ł75 and rising abandonment rates, e-commerce sites stand to gain or lose veritably depending on how users perceive them through these new browsers.

SSL in High-Security Browsers 2006-04-20 08:59:26 VeriSign

Declaring war on security exploits, browser providers are collaborating with industry experts to make their products more secure. A new breed of high-security browsers, including Firefox, Opera, and the upcoming Microsoft Internet Explorer 7, give users clear indications of a site's trustworthiness. With an average online order value of Ł75 and rising abandonment rates, e-commerce sites stand to gain or lose veritably depending on how users perceive them through these new browsers.

Managed Public Key Infrastructure: Securing Your Business Applications 2006-08-04 01:00:11 VeriSign

Distributed Denial of Service (DDoS) attacks are quite common on the Internet today. They have been known to generate tremendous volumes of traffic to the victims. Often the attack can be thwarted with appropriate countermeasures or filters applied to routers. Recently there has been an increase in the number of attacks using a less common, but well known, technique known as Distributed Reflector Denial of Service (DRDoS) attacks. Although not extremely rare, they are far less common than the traditional DDoS attack method. This paper will outline details about these recent attacks. Many of the specific servers involved and the few compromised machines known to be involved have been obfuscated since they are not relevant to the analysis.

Modeling and Evaluation of Certification Path Discovery in the Emerging Global PKI 2006-04-09 Dartmouth College

Establishing trust on certificates across multiple domains requires an efficient certification path discovery algorithm. Previously, small examples are used to analyze the performance of certification path discovery. This paper proposes and implements a simulation framework and a probability search tree model for systematic performance evaluation. Built from measurement data collected from current PKI systems in development and deployment over more than 10 countries, this model is the largest simulated PKI architecture to-date.

Tags: Security Tools

Stealth MXP: Comprehensive Digital Identities in One Device 2006-06-29 03:45:59 MXI Security

Security tokens have been used for strong authentication of individuals to systems. They have traditionally come in many forms including smart cards, USB keys, biometric readers, and one-time-password devices. Despite the multitude of capabilities and form factors of tokens that have appeared in the market they have all been limited in capacity, application and portability, which poses serious obstacles when facing today's new digital identity requirements. MXP is the first technology of its kind that has the manifold identities, strong authentication, large capacity, flexibility, security and portability to meet the needs of existing systems and the rapidly evolving demands of the identity management and information security industry.

RFID Attacks: Securing Communications Using RFID Middleware 2006-05-10 01:00:27 Syngress

A key challenge to changing to a standards-based infrastructure is that tag data can be hijacked if there is no reliable multi-level security built into the system. This paper looks at ways that multi-layered security built into the Radio Frequency IDentification (RFID) middleware layer can be used to prevent unauthorized access. The paper also looks at the middleware implementation provided in Commerce Events' AdaptLink, which provides a scalable security infrastructure to thwart RFID attacks.

Oracle Application Server 10g Security 2006-07-04 04:23:30 Oracle

Application Security includes thinking through and standardizing on authentication, authorization, integrity, confidentiality, and access control mechanisms across the enterprise. The application server that powers and secures these applications has critical legal and business implications for companies, their corporate brands and their relationships with customers, employees and partners. This paper discusses the business drivers that drive security features in application server and a high level description of the new security products and features in Oracle Application Server 10g Release 3.

A Content Integrity Service for Long-Term Digital Archives 2006-05-02 06:15:52 Hewlett-Packard

This paper presents a content integrity service for long-lived digital documents, especially for objects stored in long-term digital archives. The goal of the service is to demonstrate that information in the archive is authentic and has not been unintentionally or maliciously altered, even after its bit representation in the archive has undergone one or more transformations. The paper describes the design for an efficient, secure service that achieves this, and the implementation of the first prototype of such a service that is built for HP's Digital Media Platform. The solution relies on one-way hashing and digital time-stamping procedures.

Jump to [11] 12 13 14 15 16 17 18 19 20

Title	Date Added	Company
Attestation of Identity Information	2006-11-10 14:17:30	Oracle
This Oracle white paper discusses the fundamental premise of attestation and the role of identity management in achieving cost-effective, sustainable compliance. Attestation is the requirement that management periodically certifies that only appropriate individuals have accessed sensitive information. While the cost of complying with the provisions of regulations like Sarbanes Oxley is high, the cost of non-compliance is even higher. Fortunately, today's robust identity management (IdM) solutions are reducing the overall cost of compliance providing automated processes to maintain a comprehensive audit trail of historical user privileges, including when, why, and through which systems information was accessed. Any IT decision maker who's seeking an end-to-end security solution that supports regulatory compliance will benefit from informative white paper from Oracle.
How to Gain Visibility and Control of Encrypted SSL Web Sessions	2006-04-27 07:59:09	Blue Coat Systems
SSL traffic is growing into a significant amount of enterprise network traffic. IT is unable to secure, control, or accelerate this traffic. Blue Coat's new SSL proxy removes IT's blinders, enabling organizations to establish a critical control point for policy, performance, and protection of users and applications using SSL. While enterprises should update acceptable use policies, Blue Coat's solution affords the appropriate flexibility and controls to mitigate any potential privacy concerns within the enterprise.
SSL in High-Security Browsers	2006-04-20 08:59:26	VeriSign
Declaring war on security exploits, browser providers are collaborating with industry experts to make their products more secure. A new breed of high-security browsers, including Firefox, Opera, and the upcoming Microsoft Internet Explorer 7, give users clear indications of a site's trustworthiness. With an average online order value of Ł75 and rising abandonment rates, e-commerce sites stand to gain or lose veritably depending on how users perceive them through these new browsers.
SSL in High-Security Browsers	2006-04-20 08:59:26	VeriSign
Declaring war on security exploits, browser providers are collaborating with industry experts to make their products more secure. A new breed of high-security browsers, including Firefox, Opera, and the upcoming Microsoft Internet Explorer 7, give users clear indications of a site's trustworthiness. With an average online order value of Ł75 and rising abandonment rates, e-commerce sites stand to gain or lose veritably depending on how users perceive them through these new browsers.
Managed Public Key Infrastructure: Securing Your Business Applications	2006-08-04 01:00:11	VeriSign
Distributed Denial of Service (DDoS) attacks are quite common on the Internet today. They have been known to generate tremendous volumes of traffic to the victims. Often the attack can be thwarted with appropriate countermeasures or filters applied to routers. Recently there has been an increase in the number of attacks using a less common, but well known, technique known as Distributed Reflector Denial of Service (DRDoS) attacks. Although not extremely rare, they are far less common than the traditional DDoS attack method. This paper will outline details about these recent attacks. Many of the specific servers involved and the few compromised machines known to be involved have been obfuscated since they are not relevant to the analysis.
Modeling and Evaluation of Certification Path Discovery in the Emerging Global PKI	2006-04-09	Dartmouth College
Establishing trust on certificates across multiple domains requires an efficient certification path discovery algorithm. Previously, small examples are used to analyze the performance of certification path discovery. This paper proposes and implements a simulation framework and a probability search tree model for systematic performance evaluation. Built from measurement data collected from current PKI systems in development and deployment over more than 10 countries, this model is the largest simulated PKI architecture to-date. Tags: Security Tools
Stealth MXP: Comprehensive Digital Identities in One Device	2006-06-29 03:45:59	MXI Security
Security tokens have been used for strong authentication of individuals to systems. They have traditionally come in many forms including smart cards, USB keys, biometric readers, and one-time-password devices. Despite the multitude of capabilities and form factors of tokens that have appeared in the market they have all been limited in capacity, application and portability, which poses serious obstacles when facing today's new digital identity requirements. MXP is the first technology of its kind that has the manifold identities, strong authentication, large capacity, flexibility, security and portability to meet the needs of existing systems and the rapidly evolving demands of the identity management and information security industry.
RFID Attacks: Securing Communications Using RFID Middleware	2006-05-10 01:00:27	Syngress
A key challenge to changing to a standards-based infrastructure is that tag data can be hijacked if there is no reliable multi-level security built into the system. This paper looks at ways that multi-layered security built into the Radio Frequency IDentification (RFID) middleware layer can be used to prevent unauthorized access. The paper also looks at the middleware implementation provided in Commerce Events' AdaptLink, which provides a scalable security infrastructure to thwart RFID attacks.
Oracle Application Server 10g Security	2006-07-04 04:23:30	Oracle
Application Security includes thinking through and standardizing on authentication, authorization, integrity, confidentiality, and access control mechanisms across the enterprise. The application server that powers and secures these applications has critical legal and business implications for companies, their corporate brands and their relationships with customers, employees and partners. This paper discusses the business drivers that drive security features in application server and a high level description of the new security products and features in Oracle Application Server 10g Release 3.
A Content Integrity Service for Long-Term Digital Archives	2006-05-02 06:15:52	Hewlett-Packard
This paper presents a content integrity service for long-lived digital documents, especially for objects stored in long-term digital archives. The goal of the service is to demonstrate that information in the archive is authentic and has not been unintentionally or maliciously altered, even after its bit representation in the archive has undergone one or more transformations. The paper describes the design for an efficient, secure service that achieves this, and the implementation of the first prototype of such a service that is built for HP's Digital Media Platform. The solution relies on one-way hashing and digital time-stamping procedures.

Security

Featured Whitepapers

Member Login

HP Simply StorageWorks D2D Backup System

Industry Watch: Healthcare